If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Hybrid View

Server Messed Up again by VIRUS

Hi guys !

Once again my server is behaving strangly..... It started when this SEAMEWE3 backbone problem ..... we were unable to receive emails and i thought its normal as the backbone is down so obviously we would have encounter the same problem..... but from last 2 days i saw there were mails on server which are stuck there over and over no matter when i process the remote queue same mails were in queue and they are there from last three days...... I noticed the that one of the mail is 1 MB while one is 2 MB rest are small mails. But the problem is not these mails i saw that when i close my proxy server and shutdown the mail server still my modem is sending and receiving data..... so i used netstat to see the active connection and i saw there were more than 200 ports open and some other connection were there (epmap connections.) I thought something fishy there so i scan my system with NORTOn and you know what i encounter 4 different types of virus among them i was able to delete only 3.

The 3 rd virus is still there and its running as windows service i couldnot remove it.... the name of the file is rtftp.exe its at c drive root. Now i need your help to remove this.

OS. WIndows 2000 service pack 4.
Mail Server MDaemon.

One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!